Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/IK4EShe7kXhMPZzTKrCGfNYHSiI.roa
File: IK4EShe7kXhMPZzTKrCGfNYHSiI.roa (raw, json)
Hash identifier: 5Jx8j+o4ilVqTlcgUPgclo1AccuFSsRI4fBXhnETSXg=
Subject key identifier: 20:AE:04:4A:17:BB:91:78:4C:3D:9C:D3:2A:B0:86:7C:D6:07:4A:22
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 01862E430C212FDDC0CEC9686C2CD1599333
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/IK4EShe7kXhMPZzTKrCGfNYHSiI.roa
Signing time: Tue 07 Feb 2023 23:43:11 +0000
ROA not before: Tue 07 Feb 2023 23:43:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 176.114.84.0/22 maxlen: 22
176.114.92.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2e:43:0c:21:2f:dd:c0:ce:c9:68:6c:2c:d1:59:93:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Feb 7 23:43:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20ae044a17bb91784c3d9cd32ab0867cd6074a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bb:4a:50:c5:aa:36:ea:d5:49:60:9a:51:9c:
74:3a:84:aa:59:5a:37:b2:23:55:ad:c5:6f:1d:8a:
39:96:79:10:5f:78:f8:7c:60:cb:0c:fa:32:af:fd:
8d:d5:96:bf:ff:27:e9:1e:e6:98:09:d6:d6:2b:6a:
81:ab:09:ac:7e:83:bb:08:2f:0f:2b:18:24:7d:5e:
27:9c:a0:b3:c5:05:04:e9:7c:aa:93:99:fa:86:4e:
dd:4b:7b:56:f1:86:0d:e5:f2:69:45:f3:e1:da:bf:
17:60:f7:f7:17:5b:f5:ca:5b:db:74:64:bc:43:2e:
25:2c:95:f8:ac:a8:43:fd:46:35:1d:18:15:0c:a7:
c6:1d:7c:65:e1:14:57:a5:3e:93:9a:19:d2:88:4a:
8c:e6:07:e4:f1:ec:e5:7b:5b:92:2f:09:e4:7d:5e:
95:87:a4:35:37:83:ec:f7:5f:fa:fb:35:82:51:32:
5d:23:1a:b3:2f:25:07:76:bd:18:8a:06:98:0a:26:
85:c6:6c:83:63:3f:1b:31:30:6d:56:0e:01:5e:f1:
a0:aa:ef:71:7d:c9:4f:09:19:ad:a5:7a:87:f2:49:
8b:7f:d1:9b:67:e7:8a:f9:12:7b:67:dc:09:23:a1:
81:0c:47:f0:a4:2b:b3:c9:c3:36:f7:d1:cc:74:53:
1a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AE:04:4A:17:BB:91:78:4C:3D:9C:D3:2A:B0:86:7C:D6:07:4A:22
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/IK4EShe7kXhMPZzTKrCGfNYHSiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.84.0/22
176.114.92.0/22
Signature Algorithm: sha256WithRSAEncryption
99:e0:81:82:a0:f6:a2:3d:b5:28:bb:80:a4:74:4a:26:6e:e6:
4d:cc:2a:1c:3d:4f:76:86:dc:49:a9:d8:32:cb:79:3b:c5:62:
8c:19:c5:4c:00:be:a1:9c:fc:cc:41:5f:17:8a:31:e5:bd:4a:
84:e9:b8:86:40:a5:35:dc:3b:69:67:93:69:54:22:d8:3d:5d:
36:72:84:59:e0:ec:25:2b:3f:16:dd:60:f0:c1:ff:af:bb:2f:
fe:56:b0:09:ac:11:ae:1e:58:fa:e4:15:80:52:5a:6f:bc:07:
9b:cf:29:f6:f7:b6:5b:f6:c9:af:27:4b:37:6d:a1:cd:bb:58:
86:73:99:03:3c:64:78:90:31:bb:aa:2b:68:14:2c:68:19:96:
74:d3:ff:59:83:59:fb:ba:68:1b:0c:7e:47:25:39:f5:b1:02:
d4:61:9d:19:36:d7:64:2c:02:eb:ff:35:94:dc:91:14:73:65:
25:3b:ed:07:a1:b9:bc:87:d6:5e:fe:5b:95:ef:6d:af:1e:a7:
5e:93:a6:78:34:ae:c0:9d:93:12:42:6c:02:ba:33:1b:ed:5a:
77:5c:d7:c1:10:03:1e:89:4e:00:72:53:01:c8:25:2d:1f:42:
d5:9f:04:47:c4:68:a7:f7:3f:59:e8:cb:ae:51:26:c3:57:ba:
bf:90:5a:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYuQwwhL93AzslobCzRWZMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjMwMjA3MjM0MzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFlMDQ0YTE3YmI5MTc4NGMzZDljZDMyYWIwODY3Y2Q2MDc0YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLtKUMWqNurVSWCaUZx0OoSqWVo3
siNVrcVvHYo5lnkQX3j4fGDLDPoyr/2N1Za//yfpHuaYCdbWK2qBqwmsfoO7CC8P
KxgkfV4nnKCzxQUE6Xyqk5n6hk7dS3tW8YYN5fJpRfPh2r8XYPf3F1v1ylvbdGS8
Qy4lLJX4rKhD/UY1HRgVDKfGHXxl4RRXpT6TmhnSiEqM5gfk8ezle1uSLwnkfV6V
h6Q1N4Ps91/6+zWCUTJdIxqzLyUHdr0YigaYCiaFxmyDYz8bMTBtVg4BXvGgqu9x
fclPCRmtpXqH8kmLf9GbZ+eK+RJ7Z9wJI6GBDEfwpCuzycM299HMdFMauwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCuBEoXu5F4TD2c0yqwhnzWB0oiMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvSUs0RVNoZTdrWGhNUFp6VEtyQ0dmTllIU2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHJUAwQC
sHJcMA0GCSqGSIb3DQEBCwUAA4IBAQCZ4IGCoPaiPbUou4CkdEombuZNzCocPU92
htxJqdgyy3k7xWKMGcVMAL6hnPzMQV8XijHlvUqE6biGQKU13DtpZ5NpVCLYPV02
coRZ4OwlKz8W3WDwwf+vuy/+VrAJrBGuHlj65BWAUlpvvAebzyn297Zb9smvJ0s3
baHNu1iGc5kDPGR4kDG7qitoFCxoGZZ00/9Zg1n7umgbDH5HJTn1sQLUYZ0ZNtdk
LALr/zWU3JEUc2UlO+0Hobm8h9Ze/luV722vHqdek6Z4NK7AnZMSQmwCujMb7Vp3
XNfBEAMeiU4AclMByCUtH0LVnwRHxGin9z9Z6MuuUSbDV7q/kFqR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:17 2023 by rpki-client on console-ams.rpki-client.org